Apple has rolled out critical software updates for iOS and several of its other platforms to address two newly discovered security flaws that were actively exploited in targeted cyberattacks. According to the company’s official advisories, the vulnerabilities were used in “highly sophisticated attacks” against a small group of individuals using iPhones and iPads.
These flaws are classified as “zero-day” vulnerabilities, meaning they were previously unknown to Apple and were already being abused by attackers before the company became aware of them. It’s unclear who was behind these incidents, how many users were affected, or the full extent of the impact. Apple has yet to offer additional details publicly.
One of the vulnerabilities was reported by Google’s Threat Analysis Group, a team known for tracking government-sponsored hacking activities. This association suggests the attacks may have been orchestrated by state-sponsored actors using advanced spyware or surveillance tools. These types of tools can silently infect devices to extract data, track activity, or even take full control of the system.
The first flaw lies within Core Audio, a core component responsible for managing audio across Apple devices. If an attacker creates a specially crafted audio file, the vulnerability could be used to execute harmful code on a user’s device simply by processing the file. This means that something as simple as playing a malicious media file could compromise the device.
The second issue, discovered internally by Apple, involves pointer authentication—an important security mechanism used to safeguard device memory from unauthorized access. Exploiting this flaw could allow attackers to circumvent protections and potentially inject malicious code directly into memory.
To address these vulnerabilities, Apple has issued updates for iOS 18.4.1 and macOS Sequoia 15.4.1, along with corresponding security patches for Apple TV and the Vision Pro headset. These updates are now available for all eligible devices, and users are strongly advised to install them as soon as possible.
While Apple has not disclosed the specific targets or regions involved, the nature of the attacks and the involvement of specialized cybersecurity teams suggest that this was not a widespread campaign, but rather a highly focused operation. As always, keeping devices updated remains the best defense against these types of threats.
